Skip to main content

Ingenious new method used by spammers

I love doing Google hacks, so this caught my eye: Our friends over at Symantec wrote up an interesting report on an interesting new method spammers are using to bypass filters. Many filters look at the URLs inside of a spam to determine a spamminess of an email.

In this case, a spammer used a Google search link instead of a URL.

Here’s what the spammer did to pull off this little magic trick:

1. The spammer devised a query string which yielded only his or her URL as result of an advanced Google search.

2. The spammer then simulated the click of the "I'm Feeling Lucky" button (notice the '&btnl=' at the end of the above URL) that will take you to the URL of the first result that comes up for the entered search query.

3. Lastly, the spammer packed this URL into a regular email and sent it out to evade spam filters.

Very cute. More at here (opens in new tab) (via Register (opens in new tab)).

Alex is a technology CEO, with leadership, operating partner, investor, and board member roles at security firms including AutoLoop, Borland, Quarterdeck (now Symantec and Cisco WebEx), GFI/TeamViewer, Sunbelt Software (now ThreatTrack Security), BlueStripe Software, StopBadware, Knowbe4, Malwarebytes, and Runaware Holding AB. When CEO of Sunbelt he ran a security blog, and he still writes on security.